ELA-34-1 redis security update

Buffer overflow vulnerability

Packageredis
Version2:2.4.14-1+deb7u3
Related CVE CVE-2018-12326

A buffer overflow vulnerability was discovered in the the redis key-value database. The “redis-cli” tool could have allowed an attacker to achieve code execution and/or escalate to higher privileges via a specially-crafted command line.

For Debian 7 Wheezy, these problems have been fixed in version 2:2.4.14-1+deb7u3.

We recommend that you upgrade your redis packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/